user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
vigor2620_firmware | lt | 3.9.8.4 |